On July 23 and 25, 2018, the U.S. Department of Homeland Security (DHS) held public briefings about an attempt by a state-sponsored Russian hacking group to target control systems for U.S. electrical grids and power plants. DHS’ webinar explained that the hackers obtained access to vendors providing computer services to electric utilities companies. This initial access enabled the hackers to gain entry to power company control systems through a complex series of security compromises lasting quite some time. … Continue Reading
This week, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a January 2018 newsletter focusing on “cyber extortion.” Cyber extortion often involves an attacker gaining access to an organization’s computer system, stealing sensitive information, and threatening to publish the information. Healthcare and public health organizations are often the targets of these attacks, so affected data frequently includes protected health information, or PHI. The OCR newsletter indicates that incidents of cyber extortion have been steadily increasing over the past several years and will continue to disrupt many organizations.… Continue Reading
The Federal Bureau of Investigation (“FBI”) issued Public Service Announcement (“PSA”) I-082715a, updating a previous PSA describing the “Business E-mail Compromise.” The FBI defines the Business E-mail Compromise as “a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.” The attack often leads to business wire transferring substantial funds (amounts in the hundreds of thousands or millions of dollars) directly to bogus bank accounts set up by the … Continue Reading
On April 1, 2015, President Obama issued Executive Order 13694, creating a new sanctions program that targets the growing and evolving threat posed by cyber-attacks. The Order authorizes sanctions against those who seek to use cyber-attacks to harm critical infrastructure, target network availability, and steal sensitive information, such as trade secrets and personal financial information.
The Order requires the freezing of assets of designated cyber-attackers in the United States or in the control or possession of US persons. It also prohibits US individuals and organizations from engaging in any transactions with those on the sanctions list or any entities … Continue Reading